Froxlor prior to 0.9.33.2 with the default configuration/setup might allow remote malicious users to obtain the database password by reading /logs/sql-error.log.
froxlor froxlor